-
Notifications
You must be signed in to change notification settings - Fork 220
Chromecast - Nginx Content Security Policy #588
Comments
@sukram230799, I can confirm the same issue and fix with nginx. What log are you looking at or how did you determine the new URL? |
@sbranden It was mentioned in the Chrome DevTools under the networking tab. |
Well if it works again, I think it's pretty safe to open a PR :) |
The Chromecast URL has changed. Therefore, we need to add the new URL to the Content-Security-Policy. Fixes jellyfin-archive#588
@sukram230799, @ThibaultNocchi : thanks for the info. I opened up the Chrome DevTools and found there are 3 different accesses to cast_sender.js https://www.gstatic.com/cv/js/sender/v1/cast_sender.js So looks like a change to allow any cast_sender.js in the www.gstatic.com path should be made instead? |
I guess that should be safe, I'll look with others |
The URL for the Chromecast js-file seems to have changed. For this, the CSP in the Nginx-file seems to be wrong and Chromecasting doesn't work while jellyfin is served by nginx.
The old URL was
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
and the new URL seems to behttps://www.gstatic.com/eureka/clank/95/cast_sender.js
.I'm not certain if that is the only valid URL under which the Chromecast file will be served, so I haven't created a pull request for it. But if the URL is changed in the
add_header Content-Security-Policy...
for nginx, Chromecasting becomes available again.The text was updated successfully, but these errors were encountered: